7.5

CVE-2006-2489

Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a content length (Content-Length) HTTP header.  NOTE: this is a different vulnerability than CVE-2006-2162.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NagiosNagios Version1.0
NagiosNagios Version1.0b1
NagiosNagios Version1.0b2
NagiosNagios Version1.0b3
NagiosNagios Version1.0b4
NagiosNagios Version1.0b5
NagiosNagios Version1.0b6
NagiosNagios Version1.1
NagiosNagios Version1.2
NagiosNagios Version1.3
NagiosNagios Version1.4
NagiosNagios Version2.0
NagiosNagios Version2.0b1
NagiosNagios Version2.0b2
NagiosNagios Version2.0b3
NagiosNagios Version2.0b4
NagiosNagios Version2.0b5
NagiosNagios Version2.0b6
NagiosNagios Version2.0rc1
NagiosNagios Version2.0rc2
NagiosNagios Version2.1
NagiosNagios Version2.2
NagiosNagios Version2.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.92% 0.825
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P